The malware commonly known as Winfixer aka Errorsafe is being distributed via MSN Messenger banner advertisements.??This has been reported to secure@microsoft.com and they and the MSN ads team are investigating.

I was originally warned that this is happening?by none other than Patchou of Messenger Plus! fame on Thursday?15 Feb 2007 at 7:33:00 am Perth time.? I received a second report from?Johan Brune?that confirmed what is happening at 11.56am Perth time, 18 February (about?3 and a half hours ago) and I have now been able to reproduce the problem on my own machine.? It says a lot for Patchou’s integrity that he was willing to write to me and warn me about this problem despite our history.? I have been extremely critical of him and his Sponsor Program in the past and have said some very nasty things at times, yet despite all that we have been able to maintain an open dialogue which has borne important fruit – Patchou was the first person to report the winfixer infiltration to me.

Brief warnings appeared on www.mess.be and at Neowin?(http://www.neowin.net/index.php?act=view&id=38176) after Patchou got in touch and while I was still investigating and trying to confirm the problems, but they contain little in the way of screenshots or detailed information.? Also, the articles report that the Free PC-Secure banners trigger dialogue windows, which is not my experience, or the experience of anybody that I have contacted to duplicate my tests and verify the problems.

Via: SpywareSucks?